/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package controller;

import accessor.User;
import accessor.UserAccessor;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author QUYET
 */
@WebServlet(name = "admin_change_pass", urlPatterns = {"/admin_change_pass"})
public class admin_change_pass extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        HttpSession session = request.getSession();
        UserAccessor accessor = new UserAccessor();
        try {
            if (request.getSession().getAttribute("userObj")==null) {
                response.sendRedirect("admin");
            }
            if (request.getParameter("submit") != null) {
                User user = (User) request.getSession().getAttribute("userObj");
                String old_password = request.getParameter("oldPass");
                String new_password = request.getParameter("newPass");
                String conf_new_pass = request.getParameter("confirm_newpass");
                if (!old_password.equals("") && !new_password.equals("") && !conf_new_pass.equals("") && conf_new_pass.equals(new_password)) {
                    String originalPass = user.getPassword();
                    if (!old_password.equals(originalPass)) {
                        session.setAttribute("err_oldPass","<p>Your old password does not match your previous password!</p>");
                        response.sendRedirect("admin/change_pass.jsp");
                    }else{
                        user.setPassword(new_password);
                        int retVal = accessor.changePass(user);
                        if(retVal==1){
                            session.setAttribute("mess_user","<p>Change pass successful!</p>");
                            response.sendRedirect("admin/list_user.jsp");
                        }else{
                            session.setAttribute("changePassError","<p>Change pass fail!</p>");
                            response.sendRedirect("admin/change_pass.jsp");
                        }
                    }
                        
                } else {
                    if (old_password.equals("")) {
                        session.setAttribute("err_oldPass","<p>You must enter your old password!</p>");
                    }
                    if (new_password.equals("")) {
                        session.setAttribute("err_newPass","<p>You must enter your new password!</p>");
                    }
                    if (conf_new_pass.equals("")) {
                        session.setAttribute("err_confirmPass","<p>You must enter your new confirmed password!</p>");
                    }
                    if (!conf_new_pass.equals(new_password)) {
                        session.setAttribute("err_confirmPass","<p>Confirmed new password does not match new password!</p>");
                    }

                    response.sendRedirect("admin/change_pass.jsp");
                }
            } else {
                session.removeAttribute("changePassError");
                response.sendRedirect("admin/change_pass.jsp");
            }
        } finally {
            out.close();
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
